Asset-backed digital security tokens

ABSTRACT

A rights server system comprises a combination of digital fingerprint authentication techniques, processes, programs, and hardware that facilitate the creation, assignment, management, and enforcement of rights related to a physical object. An unspoofable, secure linkage is created between a physical object and an associated digital file through a digital fingerprint of the object. The digital fingerprint must be unambiguously derived from the object. The rights server manages interests in the physical object through issuing digital tokens which are linked to the associated digital file. Digital tokens linked to and backed by the physical object can serve as a type of currency or medium of exchange of real value.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims benefit under 35 U.S.C. 119(e) to U.S.63/040,423, filed Jun. 17, 2020, the contents of which are incorporatedherein by reference in its entirety.

COPYRIGHT NOTICE

COPYRIGHT © 2019-2021 Alitheon, Inc. A portion of the disclosure of thisdocument contains material which is subject to copyright protection. Thecopyright owner has no objection to the facsimile reproduction by anyoneof the document or the disclosure, as it appears in the Patent andTrademark Office file or records, but otherwise reserves all copyrightrights whatsoever. 37 C.F.R. § 1.71(d) (2017).

TECHNICAL FIELD

This application pertains to methods, systems, and software to createand manage a database storing an associated digital file (“ADF”)securely linked to a physical object of value and to implement ahigh-confidence way to directly prove that the one represents the other.Digital securitized tokens are linked to the physical object and therebybacked by the value of the physical object.

BACKGROUND

Transactions affecting rights in physical objects date back to thebeginning of mankind. In a simple example, an exchange of one object foranother, e.g. trading some wheat for a spear, transfers ownership inboth directions by exchanging physical possession. Later, documents cameinto use to represent rights in an object indirectly, e.g. a bill ofsale or a deed, and security agreements came into use to pledge orhypothecate objects to secure a loan. A pawn shop still secures loans bya possessory lien on a physical object as collateral, but documentationof the loan and lien are still typically necessary.

To make transaction documents in general relatively secure, and therebyreduce fraud and other mischief, things like sealing wax, paper, andelectronic notarial seals, digital and electronic signature laws, andwatermarks came into use. The problem remains that such things are nottruly secure with respect to affected physical objects. Specifically,there is no direct tie between the document (or other token or proxy)and the original object of value; there is no high-confidence way todirectly prove that the one represents the other, as such. A needremains for a way to securely facilitate and record various transactionsand transfers affecting rights in valuable physical objects in themodern digital world.

Digital currency (digital money, electronic money, or electroniccurrency) is a type of currency available in digital form (in contrastto physical currency, such as banknotes and coins). Digital currencyexhibits properties similar to physical currencies but it has uniqueproperties in enabling instantaneous transactions and borderlesstransfers-of-ownership. Among digital currencies, virtual currency isdigital currency that is used within a specific community. For example,all FarmVille players have access to the in-game virtual currency coinswith which they can purchase items for their farm. Virtual currencythough is only valid within the specified community. The virtualFarmVille coins cannot, for example, be used to buy a hamburger from aMcDonald's restaurant; they have no real-world value.

Cryptocurrency, on the other hand, is digital currency that does havereal world value, like Bitcoin. This type of digital currency is basedon mathematical algorithms with tokens being transferred electronicallyover the internet. The actual value, however, is hard to determine andindeed is highly volatile over time. The need remains for value tokensthat are backed by real value in a secure, non-repudiable way thatenables low-friction but reliable electronic transactions.

SUMMARY OF THE PRESENT DISCLOSURE

The following is a summary of the present disclosure to provide a basicunderstanding of some features and context. This summary is not intendedto identify key or critical elements of the disclosure or to delineatethe scope of the disclosure. Its sole purpose is to present someconcepts of the present disclosure in simplified form as a prelude to amore detailed description that is presented later.

To begin, the basic construct of a physical object linking to a digitalobject through the physical object's unspoofable digital fingerprint isapplied to enable, facilitate and securely record a valuable physicalobject (such as a painting) to be tokenized for hypothecation,fractional ownership and other transactions. In general, in thisdisclosure, transactions affecting physical objects are managed bymanaging a digital object, namely the digital counterpart record of thephysical object.

This disclosure thus describes techniques and their applications forlinking the physical world with the digital world through an unspoofabledigital fingerprint. Though the term “digital fingerprint” is used asthe descriptive term for that link, something quite specific is meant byit that is not generally true about what others call “digitalfingerprinting”. The digital fingerprints as described by the teachingsof this disclosure must characterize a single object, preserve little orno “group” or “class” information, be extractable solely from propertiesof the object itself, and be repeatable to such a degree that a matchbetween two extractions approaches near-absolute certainty.

In overview, one principal aspect of this disclosure describes dividinga physical object digitally to enable selling, lending, hypothecating,or otherwise conducting transactions affecting a part of (i.e., apartial interest in) the physical object. This is referred to this asfractionalization of an interest in the object. To be clear, thephysical object is not literally divided; rather, a legal interest suchas ownership or a lien (security interest) is established in a digitalcounterpart with respect to a portion of the physical object. In somecases, this may correspond to what is called an undivided interest inlegal parlance, meaning a partial interest in the whole physical object.In other cases, where an object is physically divisible in some fashion,the digital counterpart records and tokens can be arranged to implementinterests in specific parts or subsets of the physical object. Each partmay employ its own digital fingerprint. In some cases, a digitalfingerprint can represent multiple parts, tokens, etc. through itslinkage. Either way, the object doesn't go from one place to anotherphysically; rather, the transaction comprises communicating andprocessing digital information. In an embodiment, the processing takesplace in a rights server, and the transaction is completed in a secure,convenient, yet non-repudiable way, i.e., not able to be repudiated.

In one embodiment, a method to securely implement transactions thataffect the legal status of a physical object through digitaltokenization of the object, may include: inducting a physical objectinto a rights management system by acquiring a digital fingerprint ofthe physical object, creating an associated digital file (“ADF”) of thephysical object in a secure datastore, and storing the digitalfingerprint of the physical object in the ADF, so as to securely anduniquely link the ADF to the physical object in an unspoofable manner;initializing a secure digital ledger stored in or linked to the ADF;generating data comprising at least one ownership token representinginitial ownership of the physical object; storing the digital token datain the ledger so that the digital token data is thereby securely anduniquely linked to the physical object; authenticating a user based onreceiving a digital fingerprint from the user that matches the digitalfingerprint of the physical object stored in the ADF or matches a keyobject digital fingerprint previously stored in the ADF; granting accessto the ADF to the authenticated user; based on input from theauthenticated user, updating the ledger to reflect a transfer of apartial interest in the physical object to a second party; and executinga predetermined action responsive to updating the ledger. In sum, theability to tokenize physical objects securely in part or in whole isgiven by the teachings of this disclosure. Put another way, tokenizationfacilitates hypothecation and other transactions.

In an embodiment, a rights server system may include: a digitalprocessor to execute stored program code; a datastore operativelycoupled to the digital processor; the datastore arranged to maintainrecords that form an associated digital file (“ADF”) of a physicalobject, wherein the ADF includes a digital fingerprint of thecorresponding physical object; and a communications module or interfacefor communications with users; wherein the program code is arranged tocause the digital processor, upon execution of the program code, tocarry out

tokenizing a physical object by creating an associated digital file(“ADF”) of the physical object, wherein the creation of the ADF is undersupervision or control of a trusted entity, which may be understood as aperson, legal entity, system or algorithm; securely and uniquely linkingthe ADF to the physical object by storing in the ADF a digitalfingerprint extracted from the physical object itself; storing thelinked digital counterpart in a secure datastore; further populating theADF with data comprising at least one digital token so that the digitaltoken is thereby securely and uniquely linked to the physical object,the digital token representing and specifying an interest (for example,ownership, security interest, access or use rights) in the correspondingphysical object; adding supplemental data to the stored ADF, thesupplemental data including a transaction ledger; and transferring thedigital token to a party pursuant to an agreement; and updating theledger to reflect the transfer.

In another aspect of this disclosure, a third species is described,namely asset-backed digital security tokens, which are tokens associatedor linked to existing or new digital currencies. In an embodiment, asystem assigns a value by that association to a digital currency—but thetokens are not themselves digital currency. And they cannot be createdor “mined.” Rather, the digital tokens are backed by assets (realphysical objects) and associated to digital currency as a measure ofvalue. In the method taught by this disclosure, the digital fingerprintprovides the unbreakable link between the physical object and thedigital one. The uniqueness of the physical object itself is its ownidentification that can be used for high-confidence authentication.

Extending the concepts presented above on monetizing physical assets,this disclosure further teaches a method that allows any valuable itemto become the basis of a digital token backed by that asset. Thetokenization approach taught here differs substantially from both knownmethods of physical currency and/or digital currency. Physical currencycan be fiat (that is, unbacked by anything with its own value)—like allcurrent national currencies or backed—such as the gold- or silver-backedcurrencies that characterized national currencies in the past. Thestability of such a token comes from the scarcity of the backing asset.The token made possible by the teachings of this disclosure differ fromthis kind by being digital. Unlike bitcoin and its relatives, this tokendoes not have to depend on artificial scarcity since it is tied throughthe digital fingerprinting system to objects of real value and scarcity.

The tokens taught herein and their descendants (dividing the totalamount owned into smaller pieces convenient for exchange) become thecurrency. They can, of course, have their own digital analogs including,say, a set of digital fingerprints of the token that can be used a setnumber of times (or indefinitely) to prove ownership in the object ofvalue. Tokenization may as well be applied to a collection or set ofdiscrete items. A collection may be divided into one or more subsets.Likewise, a “child token” of the collection token may represent such asubset.

BRIEF DESCRIPTION OF THE DRAWINGS

To enable the reader to realize one or more of the above-recited andother advantages and features of the present disclosure, a moreparticular description follows by reference to specific embodimentsthereof which are illustrated in the appended drawings. Understandingthat these drawings depict only typical embodiments of the disclosureand are not therefore to be considered limiting of its scope, thepresent disclosure will be described and explained with additionalspecificity and detail through the use of the accompanying drawings inwhich:

FIG. 1 is a simplified block diagram of one example of a secure digitalfingerprint-based rights management system consistent with the presentdisclosure.

FIG. 2 is a simplified system block diagram including illustration ofone example of an associated digital file (“ADF”) in a datastore of arights server system.

FIG. 3A is a simplified flow diagram of an algorithm for initializing aledger securely linked by a digital fingerprint to a physical object ina rights management server system.

FIG. 3B is a simplified flow diagram of an algorithm for managinghypothecation in a rights server.

FIG. 4A is a simplified flow diagram of an algorithm for creating afractional ownership interest of a physical object in a rightsmanagement server system.

FIG. 4B is a simplified flow diagram of an algorithm for transferring afractional ownership interest of a physical object in a rightsmanagement server system.

FIG. 5 is a simplified diagram of representative software components orfunctions in a rights management server system.

FIG. 6 is a simplified flow diagram of an algorithm for managing accesstokens in a rights management server system.

FIG. 7 is a simplified system block diagram to illustrate examples ofrights server communications with various internal and externalequipment and processes.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference will now be made in detail to embodiments of the inventiveconcept, examples of which are illustrated in the accompanying drawings.The accompanying drawings are not necessarily drawn to scale. In thefollowing detailed description, numerous specific details are set forthto enable a thorough understanding of the inventive concept. It shouldbe understood, however, that persons having ordinary skill in the artmay practice the inventive concept without these specific details. Inother instances, well-known methods, procedures, components, circuits,and networks have not been described in detail so as not tounnecessarily obscure aspects of the embodiments.

It will be understood that, although the terms first, second, etc. maybe used herein to describe various elements, these elements should notbe limited by these terms. These terms are only used to distinguish oneelement from another. For example, a first machine could be termed asecond machine, and, similarly, a second machine could be termed a firstmachine, without departing from the scope of the inventive concept.

It will be further understood that when an element or layer is referredto as being “on,” “coupled to,” or “connected to” another element orlayer, it can be directly on, directly coupled to or directly connectedto the other element or layer, or intervening elements or layers may bepresent. In contrast, when an element is referred to as being “directlyon,” “directly coupled to,” or “directly connected to” another elementor layer, there are no intervening elements or layers present. Likenumbers refer to like elements throughout the various views anddrawings. As used herein, the term “and/or” includes any and allcombinations of one or more of the associated listed items.

The terminology used in the description of the inventive concept hereinis for the purposes of describing illustrative embodiments only and isnot intended to be limiting of the inventive concept. As used in thedescription of the inventive concept and the appended claims, thesingular forms “a,” “an,” and “the” are intended to include the pluralforms as well, unless the context clearly indicates otherwise. It willalso be understood that the term “and/or” as used herein refers to andencompasses any and all possible combinations of one or more of theassociated listed objects. It will be further understood that the terms“comprises” and/or “comprising,” when used in this specification,specify the presence of stated features, integers, acts, steps,operations, elements, and/or components, but do not preclude thepresence or addition of one or more other features, integers, acts,steps, operations, elements, components, and/or groups thereof.

Nomenclature. Some of the terms used herein have the following meaningsor illustrative species. Digital fingerprinting and scanning aredescribed in more detail later.

-   -   Originator, Owner or Proprietor—individual or organization who        has, is presumed to have, or is shown to have, initial        ownership, possession, or control of a physical object and/or is        first to cause a physical object to be inducted into the taught        system.    -   System—in some of the embodiments refers to a computer server        (Rights Server) and associated datastore arranged to securely        facilitate and record various transactions and transfers        affecting rights in valuable physical objects.    -   Physical object—includes any tangible object that is movable.    -   Key Object—(or Key Physical Object or proxy) is any physical        object that can be digitally fingerprinted as described herein        and it (or its digital fingerprint) is used for identification        or authentication in the context of managing rights in another        object or a digital resource.    -   User—a person or entity who accesses or uses a component of this        disclosure.    -   Associated Digital File (“ADF”) is a digital record or digital        file associated with a particular physical object. The ADF is        securely linked to the actual physical object (and vice versa)        by storing digital fingerprints of the physical object.    -   Rights (affecting a physical object) include, without        limitation, whole or partial ownership, and security interests        in the object (or in an undivided part of it).    -   Access rights include rights to access and or use a physical        object, a digital resource, or a hybrid combination of the two.        A digital resource in this context may be a network service,        cloud resources such as processors, storage, a file, a program,        a database, or any other digital asset.    -   Digital Token in general is a digital record or file associated        with a particular managed asset, which asset may be digital or        physical or a hybrid of the two. A digital token can be used to        securely facilitate and record a wide variety of transactions        and transfers affecting rights in managed assets.    -   Ownership/Security Token is a species of digital tokens used to        manage ownership and security interests in an asset, including        fractional interests.    -   Access Token is another species of digital token. An access        token stores and represents access rights; i.e., a right to        access and or use the corresponding asset.    -   Asset-backed digital security token is a token that is backed by        the physical object(s) of value that it is connected to. In one        preferred embodiment, that connection is established in a secure        server platform.

A system, in one embodiment, may comprise a combination of digitalfingerprint authentication techniques, processes, programs, and hardwarethat facilitate the creation, assignment, management, distribution,enforcement, or any combination thereof, of rights related to a physicalobject. In some embodiments, the rights arise from or are governed byone or more legal agreements. Central to the system and methods is thecreation of a secure digital counterpart of the physical object, whichis termed an associated digital file (“ADF”).

Spoofing, an increasingly common problem, is the act of disguising acommunication from an unknown source as being from a known, trustedsource. Spoofing may occur in relation to emails, phone calls, andwebsites, or can be more technical, such as computer spoofing of an IPaddress, Address Resolution Protocol (ARP), or Domain Name System (DNS)server. Among the novel features of this disclosure is the unspoofablelinkage between a physical object through its digital fingerprints to acorresponding digital counterpart. By contrast, Blockchain-basedtechnologies may be used to create tokens and cryptocurrencies, but theyrely on spoofable proxy tags or IDs to connect physical objects toblockchains.

A. Connections Between the Digital and Physical Worlds

Many of the concepts concerning connections between the digital andphysical words (but not how to securely connect them) can be found inhttps://www.wired.com/story/mirrorworld-ar-next-big-tech-platform/. Thearticle discusses in detail a concept that has been gaining attention,namely, the “mirror world”, i.e. the universe of “digital twins” ofphysical objects. In short, the “mirror world” may be viewed as adigital elaboration of the physical world.

Although an excellent introduction to important concepts, the article(and the term “mirror world”) gives a limiting description of theobjects in the digital world as being “digital twins”, copies, orelaborations of particular physical objects. Contrastingly, the conceptsand embodiments described herein broaden the range of possiblerelationships between the two worlds far beyond the concept of a“digital twin”. The present disclosure teaches, inter alia, methods ofcreating secure linkages between any physical object and any digitalobject through digital fingerprints of the physical object. Once thoselinks are established, the disclosures elaborate on differentapplications of the approach to accomplish various tasks and/or achievea broad variety of outcomes.

It should now be clear why the concept of “digital twin” is inadequatefor understanding the relationship of a physical object to a digitalcounterpart in the context of this disclosure. “Digital twin” impliesthat the digital object resembles in some way the physical one, i.e. itlooks like it, contains data about it, or has some other appreciableconnection to it. In most of the embodiments described below, thedigital counterpart is a file containing information on or relating to acorresponding physical object, but it is not a “digital twin.” Inparticular, one of the novel features of a Digital Counterpart describedherein is that it implements one or more novel digital tokens asexplained below. Digital tokens can be used to securely facilitate andrecord a wide variety of transactions and transfers affecting rights invaluable physical objects.

Any physical object that can be digitally fingerprinted reliably andrepeatably is in view to utilize the present disclosure. The object musthave a material surface or internal structure that is consistent enoughfrom one digital fingerprinting to the next to be reasonably certainbeyond a threshold level that the digital fingerprints willunambiguously match. It is not, however, necessary that the surface orinternal structure be unaltering. If the object changes only modestlybetween the times when the digital fingerprints are acquired and if thenew digital fingerprints are added to the digital fingerprint record,then such an object is appropriate for the linking discussed here evenin the presence of substantial progressive change. See “PreservingAuthentication under Item Change,” U.S. Patent Application Pub.2017-0243230 A1, incorporated herein by reference. The remainder of thisdiscussion assumes the physical object may be reliably digitallyfingerprinted to fulfill the teachings of this disclosure.

Techniques and their applications are disclosed herein for linking thephysical world with the digital world through an unspoofable digitalfingerprint. Though the term “digital fingerprint” is used as thedescriptive term for that link, something quite specific is meant by itthat is not generally true about what others call “digitalfingerprinting.” The digital fingerprints as utilized herein mustcharacterize a single object, preserve little or no “group” or “class”information, be extractable solely from properties of the object itself,and be repeatable to such a degree that a match between two extractionsapproaches near-absolute certainty. Some techniques and equipment fordigital fingerprinting are described in more detail below.

In general, the digital fingerprint provides an unspoofable link betweena physical object (the object being digitally fingerprinted) and adigital object. The digital object is used to initially establish thelinked relationship and authenticate it at any later point. In somecases, information about the physical object (other than the digitalfingerprint) may be accessed via login without the digital fingerprint.In the present disclosure, the focus is on a particular type of digitalobject; namely, the associated digital file (ADF) or Digital Counterpartthat is linked to the physical object.

B. Digital Tokenization

Tokenization begins with creating a digital counterpart to the physicalobject of interest. The digital counterpart, or associated digital file(ADF), is linked to the physical object by the digital fingerprint ofthe object itself. Preferably, the digital fingerprint is stored in orlinked to the associated digital file. This is the secure, unspoofablelink described above. To access or generate the digital counterparttypically requires possession of the physical object itself.

In one embodiment, a rights server system maintains the digitalcounterpart files (ADFs) in a secure datastore. To gain access, a usertenders a digital fingerprint, for example, in a user interface or adigital communication with the server. Validation (or authentication) ofthe digital fingerprint in the server is performed by matching it to arecord in the datastore of records corresponding to physical objectspreviously inducted into the system. The matching process serves tovalidate the user as well as identify the corresponding digitalcounterpart file.

A digital counterpart file or associated digital file (“ADF”) (theseterms may be used interchangeably), contains or is linked to the digitalfingerprint of the corresponding physical object as noted. The ADF maycontain various additional data, depending on the specific application.Typically, useful contents may include any combination of one or more ofthe following kinds of digital data. These items are listed by way ofexamples and not limitation:

tokens that represent fractional ownership

high-quality digital photographs of the physical object

a ledger of current and past owners of the object

a certificate of origin

a certificate issued by the most recent professional authenticator

what is known about the object's provenance

a ledger of transfers and transactions involving interests representedby digital tokens

access tokens

other relevant or desired information or media that can be fixed indigital form.

FIG. 1 is a simplified block diagram of one example of a systemconsistent with the present disclosure. A physical object 100 may bepresented to a scanner 102 to acquire image data. The image data isprocessed by a process 104 to extract digital fingerprint(s) of the keyobject 100. These elements may be discrete or integrated. For example,the scanner may be a camera in a smartphone, and the digitalfingerprinting process may be an app on the same smartphone.Alternatively, intermediate data (for example, digital image data) maybe transmitted over a network to a remote processor to extract a digitalfingerprint.

The digital fingerprint of the object is securely communicated to arights server 110 via path 112. The rights server 110 is operativelycoupled to (or includes) a datastore 116. The datastore may containvarious databases or tables, including for example customer data andasset data. Asset data may include ADF data described above. The rightsserver may implement, for example, a user interface 140, query manager142 for interaction with the datastore 116, an authentication process orapplication 144. One use of the authentication process may be toidentify and or authenticate a physical object 100 based on its digitalfingerprint.

The rights server typically may include communications components 150.Shown below in the drawing are some examples of users of such as system.Users may communicate with the system 110 via component 150 to implementa wide variety of transactions related to assets managed by the serversystem. Users may include, for example, an owner (or the initial owneror proprietor) of an asset; a lender who may make a loan secured by aninterest in a managed asset; co-owners of an asset. These may beentities that have acquired a fractional interest in an asset asdescribed herein. Other users may include a buyer of the asset, anappraiser of the asset (who may be issued, for example, a token thatgrants a limited time access to do an appraisal); and an underwriter.

The term underwriter has two meanings, one in the insurance industry andone in connection with (usually publicly traded) securities. Both may beapplicable here. In the insurance scenario, an underwriter may issueinsurance to protect an asset managed by the rights server, say toprotect it from loss, theft, fire, etc. The rights server may store arule or workflow which causes it to automatically notify the underwriterof changes to the corresponding ADF affecting the asset. Securitiesunderwriters often work with initial public offerings (IPOs). They assesthe investment's risk to determine an appropriate price for an IPO. Theunderwriter may also agree to buy unsold shares in an offering. In thecontext of the present disclosure, an asset owner may create fractionalshares in a unique asset on the rights server. The type of asset isvirtually unlimited, and the number of shares can range anywhere from 1to millions. The rights server can then manage distribution of shares,payments, and subsequent transfers of the shares, securely andprogrammatically.

Physically backed gold ETFs, another species of securities, seek totrack the spot price of gold. They do this by physically holding goldbullion, bars and coins in a vault on investors' behalf. Each share isworth a proportionate share of one ounce of the gold. The ETF's pricewill fluctuate based on the value of the gold in the vault. In thatscenario, there is no unique physical object identified by its digitalfingerprint; rather, the ETF vault stores a fungible supply of gold. So,while the fund is “asset backed,” it is quite different from the instantdisclosure.

FIG. 2 is a simplified system block diagram further includingillustration of one example of a digital counterpart or associateddigital record (ADF) in a datastore of a rights server system. Thisexample is merely illustrative and not limiting. In the sample ADFrecord 200, it includes data such as transaction business rules, block202; ownership and security interests, block 222; history and pedigreedata of the physical object, block 224; identification and descriptionof the physical object, block 226; digital fingerprint(s) of thephysical object, block 228; and a transaction ledger, block 231.

The ledger 231 may store ownership data, fractional shares, and recordsof transfers and other transactions. At any given time, the ledgerreflects current ownership of the asset corresponding to the ADF 200.Thus, ownership changes and transfers may be effected by updates to theledger. In some cases, the changes to the ledger may initiated by anauthorized user via the communications component, as illustrated in moredetail below. In some situations, the ledger may be updatedprogrammatically, as where a borrower defaults on a loan secured by theasset where that security interest is reflected in the ledger. This maybe called an “electronic foreclosure.”

The transaction ledger 231 may maintain a record of all transactionsprocessed by the rights server that affect or are realized by thecreation, deletion, or updating of one or more tokens. This may includeownership tokens and or access tokens. Digital tokens 221 may beattached to the ledger 231. Finally, stakeholder communications data,block 236, by store communications information for the DigitalCounterpart 200, including for example, stakeholder email addresses andrules or workflows for transmitting messages to stakeholders in responseto various transactions.

Referring again to FIG. 2, one example of a digital token 221 isillustrated in the lower right quadrant of the drawing. This exampleshows the digital token comprising, in various examples, one or more ofasset-backed digital currency, block 240; data defining rights orinterests in an object, block 241; metadata such as history data, block242; token digital fingerprints, block 246; and secure access means,block 250. A dashed line between blocks 246 and 250 indicates that the“secure access means” refers to access to the token digital fingerprintsin block 246. These elements are likely to be utilized in connectionwith managing access rights (via access tokens) as distinguished fromownership interests.

The record 200 may also include data defining secondary access rightsand passwords, block 235. And it may store data for stakeholdercommunications, block 237, such as email addresses and communicationlogs.

In some embodiments, digital tokens, especially access tokens, may bemanaged (created, distributed, canceled, updated, etc.) by means of adigital token server. The digital token management server (not shown)preferably is implemented in software, and it may be separate process orintegrated with the rights server described above. See the descriptionwith regard to FIG. 7 below.

C: Monetization and Fractionalization

In an embodiment, ownership tokens component 514 manages ownershiptokens. Preferably, ownership tokens (corresponding to ownershipinterests) are tracked by a ledger. The ledger may be securely stored aspart of the ADF corresponding to the physical object ownership of whichis being tracked and managed by the stored tokens. Thus, ownershiptokens are not physical objects but rather digital objects thatrepresent interests in a corresponding physical object. (Ownershiptokens are distinguished from access tokens, discussed below.) Ownershiptokens may be created by a controlling entity or original issuer. As asimple example, an entity may own an original Renoir painting. The ownerinteracts with a rights server to provide a digital fingerprint of thepainting, and the server creates and stores a corresponding ADF, andstores the digital fingerprint of the physical object (the painting) inthe ADF, similar to the digital fingerprint 228 shown in the record 200in FIG. 2.

The owner may define partial ownership tokens as each representing, forexample a 1/10th interest in the painting. This is referred to asfractional ownership. These digital tokens may be stored in or linked toa ledger maintained in or linked to the corresponding ADF. The owner ofthe Renoir may establish a price for the painting (or for each 1/10interest). In that regard, he may submit an appraisal for storage in therecord among other metadata. These interests may be auctioned or soldthrough an e-commerce type of website or front-end process. Thegovernance engine may specify the manner of sale, payment typesacceptable, etc. The rights server may then deal with the ownershipinterests programmatically, enforcing the governance rules andapplicable contract terms. In an embodiment, a workflows and smartcontracts component 532 may store and implement workflows and smartcontracts as applicable.

The ownership tokens have several advantages. First, they may be furtherbought and sold securely using the rights server. Purchasers may beanonymous. Security is assured because a tendered ownership token (forexample, tendered for resale) will be checked by the server against theledger, and may utilize authentication of the user. Further transactionsagain may be governed by stored rules, and optionally carried out usingstored workflows and or smart contracts, component 532.

FIG. 3A is a simplified flow diagram of one process to implementownership tokenization. Here, the process begins with generating adigital fingerprint of a particular physical object, block 302. To doso, the owner must have physical possession of the object. An image ofthe object is captured and processed to generate the digitalfingerprint. Preferably, a confirmable timestamp is applied when adigital fingerprint is extracted to prevent a person from capturing andstoring a digital fingerprint and using it much later. This process maybe done in a rights server platform such as 110. Next, the process maycreate or update an ADF for the physical object, block 304. The digitalfingerprint is stored in the ADF to form a non-spoofable link betweenthe physical object and the ADF, block 306.

A next act may comprise initializing a ledger in the ADF and storing inthe ledger data, or a token, that specifies initial ownership status ofthe physical object, block 308. The ledger may take various forms as adigital object, for example, a file, table, database record, etc.Optionally, additional data, generally provided by the owner orproprietor, may be added or linked to the ADF. Such additional data mayinclude metadata for example, physical features of the object, packagingor tags, photographs, provenance information, etc., see block 309.Finally, at block 310, the process should include updating the ownershipledger responsive to subsequent interactions with the server, either byauthorized users or programmatically with other resources. The ledgerremains securely linked to the subject physical object through thephysical object's digital fingerprint.

In one preferred embodiment, ownership tokens created through thedigital fingerprint registration (or induction) process are attached tothe associated digital record of the physical object as well as thedigital fingerprint for accessing the object. Here, the tokens can beused to provide fractional ownership of the object. This method willallow owners of valuable physical objects to create and exchange digitaltokens, as shares in valuable physical objects, such as paintings andsculptures, slightly akin to the way stocks of a company are tradedtoday, except that companies are a legal fiction—they have no physicalembodiment, and likewise shares of stock are a legal creation having noinherent value. Further, corporate stock trading ledgers and systems donot store digital fingerprints.

In some applications, this fractionalization process may facilitate the“democratization” of ownership of high-value objects. Using the digitalfingerprint to register, identify, and authenticate the object providesan approach for high-confidence transactions, without relying on proxyidentification and authentication methods that can be spoofed.

Consider an example where an investor purchases a Renoir painting for$10 million, expecting to see it appreciate. The investor may issuedigital tokens of ownership based on, for example, a hoped-for $15million future valuation. The Renoir owner is free to sell these tokensbased upon the anticipated valuation of the object (or any value hechooses). Using the digital fingerprint to create and register a uniqueID (in an embodiment, an associated digital file of the painting) andthen using the digital fingerprint for authentication, means that theRenoir painting purchased cannot be substituted with a forgery and itsdigital records, such as its provenance records, will always be secureyet discoverable. The issued (sold) tokens are tradeable objects intheir own rights, backed by the (hopefully appreciating) value of theRenoir.

The issuer of digital tokens for the digitally fingerprinted object candesign smart contracts that can be triggered by events, such asautomatic payouts for the sale of the original object. Consider that theRenoir was later sold for $17 million. The outstanding tokens would berepurchased automatically, providing a financial return for theinvestors or token holders. In more detail, a smart contract associatedwith the physical object (the painting) may be stored or linked in theassociated digital file of the painting. A rights server, suitablyprogrammed, such as described herein, may receive a message from atrusted party reporting the sale. In one embodiment, trusted parties or“message senders” may be specified in the associated digital file.Authentication specifications for such messages may be specified aswell.

Responsive to receiving a valid sale report of the painting, the rightsserver may programmatically take the actions useful to disburse theproceeds or money-like tokens for the proceeds, and notify affectedparties, and take any other actions specified in the software. Again,the software implementing the smart contract is secured in theassociated digital file by means of the unspoofable digital fingerprintof the physical object, namely the Renoir.

FIG. 4B is a simplified flow diagram of an algorithm for transferring anownership interest of a physical object in a rights management serversystem. In this figure, the process shows a user login, block 428, andauthentication of the asset/user, block 430. A user login may useauthentication by digital fingerprint, password or other means. Eitherway, a matching record (ADF) will identify the physical object ofinterest. Decision 432 determines, for example by querying the ledger,whether the user owns a transferable interest in the object. If so, thesystem acquires data to define a transfer as requested by the user(which may be done by external communications, programmatic interactionwith a remote computing object, live user interface, etc.), block 434.Then, the system updates the ledger, block 436, to implement therequested transfer. The transfer may implement update, cancellation,modification, etc. of affected tokens. In the case of ownership tokens(full or partial), the changes may employ little more than updating theledger. A hypothecation transfer request may employ a more extensiveworkflow. A transfer of access tokens may involve issuing new accesstokens and transmitting them to a designated recipient in the case ofaccess tokens designed to circulate. In general, the server will executeappropriate rules or workflows, block 444 to complete the transfer.

Smart contracts can also be used to enforce rules related tomaintenance, transport, insurance, and storage of the digitallyfingerprinted objects. Here the digital fingerprint is used to identifyand authenticate the physical object when it leaves custody or istransported for any reason, and when it returns. Another area that canbe incorporated is taxation. Smart contracts tied to the tokens anddigital fingerprints can execute processes to compute and deduct certaintax schemes, such as withholding tax.

In an embodiment, the present methods may include assigning orassociating tokens of ownership of an object to digital fingerprints ofother objects. For instance, a token seller can assign a portion of anoriginal painting's tokens to a digital fingerprint of a reprint of thepainting. In this example, a buyer that purchases $1,000 of tokens inthe Renoir, can hang the reprint of the Renoir in their home and use thereprint's digital fingerprint to access information about the originalRenoir in which they have fractional ownership. While the reprint haslittle inherent value, its digital fingerprint nonetheless is unique andcannot be faked. The reprint thus serves as a secure link to theoriginal and a visual, physical reminder of tokenized ownership in theoriginal. A thief who steals the reprint (perhaps mistaking it for theoriginal) will have no idea of its relationship to the original. Even ifthe thief somehow learned that a digital fingerprint of the reprint maybe of interest, how and where on the reprint to capture a digitalfingerprint will be unknown. Even in the unlikely event that the thiefknows how to capture the digital fingerprint, a location stamp can beassociated with the reprint so that only a digital fingerprint capturedat the correct physical location (plus or minus) is valid. This featurecan be added as additional security. Alternatively, or in addition, theserver system may utilize the digital fingerprint plus otheridentification methods like a password or biographic ID. Thespecifications may be specified in the Digital Counterpart of theoriginal Renoir.

In an embodiment, a method also may include options to provide tokenizednested ownership. For instance, an individual may have an art collectionthat is intended to stay together as a single collection, but the ownermay nonetheless sell tokens for individual paintings in the collection.More generally, this process applies to composite objects where certainparts may be worth more than others. For instance, owning tokens for theengine of a classic car but not the entire classic car. A rights servercan be programmed to manage the tokens accordingly. In more detail, atoken management program can generate, track, update the tokens in arights server as mentioned above.

In an embodiment, a method may be programmed to provide an index ofrelated or unrelated objects that can be tokenized. Here, for example,the issuer of tokens could create an index for a group of objects, forexample a classic car, along with several paintings and sculptures, andthen issue tokens for that index. Such an arrangement implementsdiversification in the investment sense of the term. But at the sametime, it ensures that every interest is securely linked to thecorresponding set of physical objects. The system can reject an attemptto deal with an individual object beyond parameters specified for theindex. Ownership and access rights to such an index can be granted inmany ways, including through providing the digital fingerprint of one ofthe items, of a secondary item (such as the abovementioned paintingreproduction), by password, or by other means.

In another application, a method may be programmed to insure objects atdifferent levels of granularity. For example, if someone steals one of1,000 bars of gold, the insurance company only needs to replace thevalue of the bar that was stolen. The increased insurance rates wouldonly affect that single bar of gold and its owners, not the owners ofother bars. Being able to specify granularity of ownership for an objector set of objects allows owners to set up more differentiated incentiveand maintenance schemes that avoid problems with collective ownership,i.e., the tragedy of the commons scenarios. These examples illustratethe versatility of the digital fingerprint method for working with aselected granularity of ownership and providing authentication at thatlevel.

The disclosed methods and systems to tokenize objects for sale, inanother embodiment, may be configured to create a private network ofowners and/or stakeholders. Token ownership can enable access to thedigital record associated with a valuable physical object. A rightsserver may be used to communicate information to the network ofregistered owners of tokens corresponding to interests in the physicalobject. For example, if the original owner of the object wanted toprovide options to buy back shares in their object, he could communicateto each token holder on the ledger in the digital folder attached to thedigital fingerprint used for registration. In an embodiment, the ownermay provide for such communications in the associated digital file. Theowner may login (authenticate) to the rights server and initiate thecommunications. The server may be arranged to receive and processreplies from the registered owners. The options may be sold using anassociated smart contract. A registered owner may request access to seethe contract, while it remains unknown to outsiders.

In an embodiment, a token issuer may not have possession of an object hewishes to register by its digital fingerprint, or the desired object hasnot been registered by digital fingerprint. Here, the primary purchaseror token issuer can offer a “placeholder digital fingerprint” that willbe replaced when he obtains the desired object. For example, a carcollector may want to crowdsource funding to acquire a classic car viatokenized, fractional ownership. The collector (i.e., the primarypurchaser—token issuer) can provide another digital fingerprinted objectas a temporary placeholder, while the tokens are being sold to raiseenough money to purchase the classic car. In a similar vein, one may ownthe Renoir painting, in whole or in part, but it is on loan to a museum.The owner wants to sell a fractional interest in the painting, but it isnot accessible to digitally fingerprint it. When the owner lends thepainting to the museum (or it otherwise leaves their control), aplaceholder digital fingerprint may be created and stored.

Note the placeholder may be a digital fingerprint of virtually anyphysical object in possession of the collector. (See description of KeyObject.) In this scenario, the entire object can be digitallyfingerprinted as part of the registration, depending on thespecification of the possessor. If and when all the targeted funding israised, the collector—token issuer must replace the temporary digitalfingerprint with the digital fingerprint of the classic car, along withproviding all of the appropriate files (such as expert appraisal,provenance, etc.) that should be contained in its associated digitalrecord. In the event appropriate funding was not raised, the collectedfunds would be returned to the token holders of the temporary object.That process as well can be managed programmatically by the rightsserver, for example, utilizing ACH transfers.

In another embodiment, a rights server may be configured to create adatabase of registered, digitally fingerprinted objects. This databasecan be used to prevent someone from doing again what has already beendone or doing something that obviates what has already been done withrespect to a previously registered object. Securitization andhypothecation are examples of actions the rights server may prohibit.Consider the Renoir example above; here, the Renoir is registered to adatabase when tokens were issued. If another party attempted tosecuritize this same painting via a digital fingerprint-based system,the associated database would find the previously registered paintingand prevent any new registration. To that end, the part of the systemthat creates a digital fingerprint of an object would first check thedatabase of registered objects and that that access would not be underthe control of the owner/holder of the object. The database may serveanother function, illustrated by a scenario in which a person defaultson a loan or otherwise no longer has unencumbered ownership in anobject. He then, without telling the potential purchaser about thedefault, attempts to sell the physical object. The purchaser can, usingthe object, access a database telling him all the encumbrances on theobject.

In an embodiment, a rights server may auto-generate notices (messages)to one or more rights holders based on a workflow or algorithm triggeredin response to receiving an authenticated input message affecting thestate of or rights in a tokenized physical asset.

In one embodiment, if the object is a painting, for example, thecorresponding ADF puts in one place all that is valuable about thepainting except the painting itself. Such a file can, of course, be madewithout the teachings of this disclosure, but the secure linkage to theobject itself established by the teachings of this disclosure cannot be.The following is an example of how the teachings of this disclosurecould be used to monetize the painting for the owner. This is but onepossible way that digital tokenization can be employed.

D: Using an Object to Secure a Loan

One example of a hypothecation process is illustrated in the simplifiedflow diagram of FIG. 3B. The process may be implemented in a rightsserver system of the type described herein. To get a $1 million loan,for example, the owner of an object creates (under independentsupervision by a company providing the service, for example) theassociated digital file and populates it with ownership tokens, seeprocess blocks 311, 312 in the drawing. The ledger is updated to reflecta loan of $1 million on the part of a lender, the terms of the loan, theconditions for repayment, the escrow company if any, and so on—block316. The loan entry on the secure ledger may include data indicative ofby whom and how an indication of default would be received andauthenticated by the rights server. In other cases, objects may beloaned, and the loan recorded in the digital counterpart, without anycollateral. Where collateral is involved, any object can be used ascollateral as long as it is linked by a corresponding digitalfingerprint.

The lender may be transferred all or a portion of the ownership tokensassociated with the Renoir painting, for example, as collateral when theloan is funded, most likely through a third party, block 314. Putanother way, full or partial (fractional) ownership interests may behypothecated using the present system. Hypothecation is accomplished inessentially the same way that fractional ownership is, except that theownership rights given by the tokens here are provisional—on the loanbeing defaulted on—instead of absolute. The transfer of collateral maybe accomplished by updating a ledger in or linked to the digital fileassociated with the painting (block 316). Put another way, the transferof collateral may be realized by assigning provisional or contingent (ondefault on the loan) ownership interests to the lender. An access token(a physical object) may be transferred to the lender. But if theassociated digital file is in the possession of a secure intermediary,for example, a secure rights server, nothing needs to be transferred tothe lender other than access to the file that shows his securityinterest in the object.

If the owner defaults on the loan, block 320, the lender gets ownershipof a previously-agreed-to portion of the painting and its associateddigital file. Transfer of ownership rights may be implemented by aworkflow, block 324, triggered by the indication of a default. (Seediscussion of non-judicial foreclosure below.) The workflow may changethe collateral status of the subject token(s) to an ownership status inthe corresponding ledger. The workflow may notify other stakeholders.The “portion of the painting” refers not to a literal, physical portionof the painting; rather, it refers to an undivided partial-ownership (orfractional) interest. This new ownership interest is securely documentedby a corresponding transfer of rights in the associated digital file,for example, by updating a ledger.

Depending on the terms of the above loan agreement, during the term ofthe loan, i.e., in the absence of a default, the lender can sell hisshare or do many other things that could be included in associated smartcontracts. For example, the lender can sell, hypothecate, fractionalize,etc. the loan (his rights as lender), including the security interest ifthere be one in collateral securing the loan.

In sum, there are at least four scenarios that individually or invarious combinations can all be securely implemented using the systemsand methods described herein to make them convenient, non-spoofable,non-repudiable, and is some cases largely automated. These scenariosinclude (fractionally) selling an ownership right, (fractionally)hypothecating an ownership right, (fractionally) selling the rights of alender, and (fractionally) hypothecating the rights of a lender.

In a further elaboration of this embodiment, the owner of a portion ofthe object may sell, or otherwise leverage, hypothecate, etc. hispartial ownership interest, in part or in whole. Thus the (partial)owner may have the right, given as part of the contractual agreementsthat form part of the digital counterpart, to redistribute his tokens orto subdivide his ownership and to issue new tokens (whether digital,physical, or a combination) to those who purchase (or borrow or lendagainst or otherwise acquire an interest of some sort) his part of theobject. Likewise, an owner of a partial interest in a loan (as lender)can sell or (further) fractionalize and or (partially) hypothecate hisrights as a lender.

The end result of the foregoing process is that the physical object isconnected or linked—through its digital fingerprint—to a digital object(here, the associated file) containing information on ownership,repossession and/or other agreements, management of the tokens (andtheir digital fingerprints) as well as any additional information andmetadata on the object itself. Some examples of metadata were givenabove. In an embodiment, management of ownership and or access tokensmay be governed by a set of business rules (See 202 in FIG. 2,illustrated as part of an ADF 200).

A rights system as described herein may programmatically “foreclose” onthe collateral by changing the security interest to an ownershipinterest and updating the corresponding ledger to reflect that change. Asecured creditor may repossess a piece of collateral or render a pieceof equipment unusable on the debtor's premises through self-help andwithout judicial process, where the creditor's lien extends to 100%interest in the asset, pursuant to applicable law, such as Section9-609(b)(2) of the Uniform Commercial Code. Self-help repossession isthe easiest, quickest and most cost-effective means of repossessingcollateral as it does not require the time and expense of obtaining acourt order. The system disclosed herein may then issue updated digitaltokens reflecting the change to affected parties. These processes orworkflows implement programmatic non-judicial foreclosure.

An embodiment may also include scenarios around rehypothecation. Forinstance, lending entities that hold securitized tokens of objects, mayuse those same tokens as collateral for their own purposes. (The entityneed not literally “hold” the tokens; ownership of the tokens may beregistered to it in a ledger in a centralized server system.) In theprevious example, the lender who accepted $1 million in tokens for theRenoir painting may use these same tokens as collateral on a separatetransaction. The digital nature of the tokens renders the tokens easilytrackable and enhance the lender's liquidity options.

E: Partial Sales and Fractionalization

Tokenization to implement partial ownership shares was described above.Many objects of value, such as paintings, or diamond rings, are by theirnature, indivisible (in the physical sense). Partial, undividedinterests in assets are well-known in many legal systems; for example,undivided partial interests in real estate or other assets (co-tenancy,for example). The present system enables a variety of transfers andtransactions, including creating and transfer of partial interests, in alow-cost, secure “spoofproof” system. The present system enables secure,convenient investments in fractional shares of almost any physicalobject.

FIG. 4A is a simplified flow diagram illustrating one example process toimplement fractionalization of an object. The physical object ofinterest is first inducted by acquiring a digital fingerprint of theobject, and an ADF is created and stored as described above. The digitalfingerprint is stored in the ADF in a datastore, block 402. A request isreceived from a user to fractionalize his share, block 406. The user isauthenticated, or more precisely a digital fingerprint tendered by theuser is authenticated, decision block 408. Assuming a matching record(ADF) is found, the system determines whether the user's interestpermits fractionalization, decision block 410. This may be determined,for example, by terms stored in the ADF, or associated business rules,or workflows accessed by the server.

If the user is authorized and the action is authorized, a workflow maybe executed to fractionalize ownership as requested, block 412. The ADFledger is updated to reflect the change. The user request typicallywould specify the fractional shares, which need not be equal, andassociated terms and conditions. The workflow may include sendingnotification to fractional owners and or other stakeholders, block 420.In one example, where the ledger shows the user's interest has beenhypothecated, the new fractional interests will likewise be createdsubject to the lien and inherit the relevant terms. This data should beadded to (stored in) each new fractional interest token. The originalowner may specify recipients of some or all of the new fractionalshares. Such allocations can also be done automatically as part ofapplicable work rules, for example. This data is added to the ledger aswell; it may be used to transmit notifications to the recipients of thenew fractional shares.

FIG. 5 is a simplified conceptual diagram illustrating principalsoftware functions and components of one embodiment of a rights server.In the figure, a rights server 110 provides the functions describedbelow. Although sample software components are shown for illustration,the organization or allocation of various features and functions tospecific software components is a matter of design choice. Indeed, someof the functionality illustrated may be implemented in a separate serveror database arranged for communication and coordination with the rightsserver 110. As one example, in some embodiments, the rights server 110may query a central server (not shown) during the object inductionprocess (component 504), to check that a physical object digitalfingerprint not only is not already found in the datastore 116, but alsoto confirm that it is not already registered in the central server. Thisensures that the same object is not being managed in a different system,or at least is not being managed in parallel in a manner that wouldconflict with the uses described herein. There may be a scenario where afirst portion of ownership of an asset is managed in a first system orrights server, while a second portion or share non-overlapping the firstportion is managed in a second system.

In the example rights server system of FIG. 5, a user database component502 may issue and maintain the identity of a user (creates user profile,not always necessary). User data may be stored in a user database in thedatastore 116. Types of users may include, for example:

(a) Controlling entity or original issuer (this refers to an entity thatcontrols use and or ownership of a physical object inducted in thesystem, for example the entity that originally entered the physicalobject into the system (via its digital fingerprint)); (b) Entity whowants access and/or use of an object. (in this sense, the object may bephysical, for example, a car or lawnmower that an entity wants to use(temporarily), or the object may be a software file, object or service);(c) Entity who wants to purchase fractional ownership of the object,and/or (d) Entity that wants to hold some share of ownership in theobject (e.g., ere the entity would “hold” an ownership share in thesense of hypothecation).

The user database component may authenticate the user profile viabiometric or other means. User data may connect bank account or othermeans to buy or exchange via the present system. The user databasecomponent may issue access passwords or connect to another digitalfingerprint's access token.

An object induction component 504 manages induction of a physical objectinto a repository or datastore coupled to the system. Component 504 mayreceive an induction request. The request may comprise a messagecommunicated over a network or interaction with a user interface. Theinduction request may include a digital fingerprint of the physicalobject. Alternatively, component 504 may manage creation of the digitalfingerprint, for example, using the scanner 102 and associated elementsillustrated in FIG. 1 or equivalents. In an embodiment, the inductioncomponent 504 may check to see if the object has already been inducted.This may be done by querying a database of counterpart records based onthe digital fingerprint. The induction component, to induct a newobject, may create an associated digital file and store the file as orin a record in a database, for example, in datastore 116. It also storesthe digital fingerprint of the physical object in the ADR as discussedabove. This induction component 504 may receive various additional dataor metadata and associate it to the physical object by storing the datain the counterpart record. In an embodiment, these acts may be realizedby a digital counterpart component 506.

Key Object. In some embodiments, the induction process may includegenerating or otherwise acquiring a digital fingerprint of a differentphysical object, called the key object. The key object is not thephysical object being inducted, which may be called the managed object.The key object digital fingerprint may be stored in the ADF of themanaged object along with the digital fingerprint of the managed object.The key object may then be used to grant to its holder access to theprotected asset. Key object digital fingerprints may also be added tothe ADF subsequent to initial induction, subject to properauthentication and permissions.

In more detail, a user may tender a digital fingerprint of the keyobject via a user interface or communication with the rights server. Theserver then queries the datastore for a match, and if successful, grantsaccess to the physical object associated with the matching record. Whataccess is granted via the key object may be defined in the ADF or byassociated governing rules and or workflows. That access may be definedto obtain certain access tokens, or to obtain a certain share ofownership tokens. In this way, various rights in the managed asset maybe transferred securely by delivery of the key object or the digitalfingerprint of the key object, or a token representing the key object,to a transferee.

In an embodiment, the induction component 504 or the ADF component 506additionally may implement one or more of the following acts orprocesses: Collect and add additional information to the counterpartrecord for the digital object as need (metadata, user-input, images,media, or other means of data ingestion); Establish a pedigree for thephysical object; Create an ownership ledger (see below); and Inductprior certifications and contracts as needed. Some of these dataelements are illustrated in FIG. 2, ADF 200.

Referring again to FIG. 5, a governance engine 510 may be provided tostore and implement access token rules and ownership token rules. Theserules may be established by the controlling entity or original issuer.They may be acquired in the object induction process or subsequently.This component 510 thus enables a controlling entity to define rulesthat govern rights associated to accessing and/or using thecorresponding object. Further, this component enables a controllingentity to define ownership terms that govern the interests or sharessold via ownership tokens.

Another component 512 may be provided to coordinate with frontendsystems, for example, frontend systems that are used to market items tobuyers (for example, external websites or apps). This may exchange datavia APIs or other means. These marketed items may comprise, for example,access rights or ownership rights in an object.

F: Additional Example Embodiments and Applications

Securing a Supply Chain. In one preferred embodiment, the digital recordis a file relevant to a particular physical object and the digitalfingerprint for accessing the file comes from the physical object. (Insome other applications, the object whose digital fingerprint providesaccess to the digital file may have nothing at all to do with thecontents or functionality of the digital file (other than its beingaccessed through the digital fingerprint)).

The physical object's digital fingerprint is captured at a point ofknown provenance. That may be the time and place of manufacture, repair,or expert appraisal, to give a few examples. That digital fingerprint ofthe object is associated with a digital file about the physical object(ADF) that stores data comprising, for example, where and when it wasproduced, where it has been and where it was going, and anything elseneeded for tracking the object. In this embodiment, the digitalfingerprint comes from the object and is captured each time informationabout the object has been generated or existing information needs to beused. The digital file contains this information. It is securely anduniquely linked to the physical object by storing the digitalfingerprint of the object in or linked to the digital file.

In this embodiment, the digital file and the physical object are linkedat known provenance, and the file is thenceforward protected by standarddigital techniques while the associated physical object itself continuesalong the supply chain. At any point the physical object can bedigitally fingerprinted again, and that digital fingerprint compared tothe one associated with the file. If it matches properly, the object isdeemed authentic. What has happened here is that because of theunspoofable link between the physical object and the associated digitalfile through the digital fingerprint, the physical object participatesin the security features of the digital realm. Without the link,security of the object depends entirely on security of the supply chain.With the link, either the object or the file being kept secure issufficient to know the object is authentic. Single points of failurehave been eliminated.

In this type of scenario, an object is taken out of the possession orcontrol of the owner/original holder. There is thus no security in theflow of the physical object, but the file containing identifying andownership information remains secure and through the digital fingerprint(captured at registration and used at return of the object), the objectitself remains secure. It is positively re-identified as the originalobject registered earlier.

Meta-analysis of tokenized digitally fingerprinted objects. In onepreferred embodiment, the system or platform that facilitates thekeeping of records of tokens assigned to the digitally fingerprintedobjects can use object-specific information to aggregate informationabout the value of objects and their classes. Data generated can providedetails such as price trends, forecasting of future value. For example,the platform used to track tokens of classic cars can aggregateinformation about the change in value of specific classes of cars,thereby providing pricing trends.

G: Access Tokens Distinguished from Ownership Tokens

As discussed above, a rights server system may manage access tokens aswell as ownership tokens. It was explained above that “access token”refers to a digital record or file associated with a particular asset,which asset may be digital or physical or a hybrid of the two. A hybridasset may comprise, for example, a machine (physical object) and a usermanual or maintenance records (digital files) associated with themachine. Access to both of them may be managed by a digital accesstoken. A digital token in general stores and represents an interest inor right to use a corresponding asset. An access token more specificallygrants the holder specified rights to use or access an asset, ratherthan own it.

FIG. 6 is a simplified flow diagram of an example algorithm for managingaccess tokens and corresponding rights in a rights management serversystem. The process comprises inducting an asset into a rights serversystem, block 602. This asset, as noted above, may be a physical object,a digital object, or a hybrid of the two. The system interacts with aproprietor to define access and or use tokens, block 604 and stores themin the corresponding ADF. Next, the system may execute a workflow togenerate access tokens as requested with defined scope, block 606. Thescope may define a type of use or access, duration of use or access,etc. In one example, a classic car may be hypothecated using theownership tokens, but the owner may also sell access rights for otherparties to drive the car (assuming it does not breach the loan securityagreement). Access parameters may limit the usage to say 100 miles, or50 miles per day, or a permitted geographic region of operation.

Continuing, the system may distribute the new access tokens to adesignated recipient, block 610. When the recipient utilizes the tokento access or use the corresponding asset, the system may begin tomonitor that access or usage,

block 612. Examples of practical systems and processes to accomplishthat monitoring are described below with regard to FIG. 7. Themonitoring detects any usage of the asset beyond the permitted scope,block 620. Such a breach may trigger a workflow to address the breach,for example, disabling the asset or assessing a surcharge. Next, theaccess tokens ledger is updated to reflect the usage, block 626, whichmay be stored in the corresponding ADF in a datastore. Finally, aworkflow may include sending notifications to stakeholders, see block630.

In the parent case, rights management is described using digitalfingerprints. Much of that case focused on access and use rights—rightsthat may be implemented and managed using access tokens as describedabove. The managed objects are referred to as “protected assets.” Therights server system and methods described above may be arranged toprovide much of the functionality described in the parent case, throughthe use of access tokens. The functionality of the parent case may alsobe implemented in a separate DRM platform configured for communicationswith the server system described above, or some hybrid arrangement. Inthat scenario, for example, some access tokens issued by the abovesystem may be configured to point or link to the DRM platform to realizethe functions described below with regard to FIG. 7. Drawing FIG. 7 is areproduction of FIG. 2 from the parent case. Selected portions of theparent case specification are reproduced below.

FIG. 7 is a simplified block diagram of a system. It illustrates rightsserver 110 communications with some examples of internal and or externalhardware and software elements to realize the server functionality. Theexamples shown are merely illustrative and not intended to beexhaustive. Communication with assets 130 illustrates cases where theprotected assets, physical, digital, or hybrid, may have the ability tocommunicate directly with the server. For a digital asset such as aprogram, this may take the form of inter-process communications. Theasset may be a “player” that controls use of a digital media contentitems (themselves also assets); it may interact with the server toenforce restrictions and or report usage of the media items.

The rights server may communicate with physical security systems, block230, such as those mentioned above. The physical security systems 230 inturn are coupled to corresponding assets via link 240. The rights servermay communicate with physical sensors, block 232. For example, sensorsto monitor the environment around a loaned asset. The physical sensors232 thus are coupled to or arranged adjacent to assets 130. A sensitiveitem of laboratory equipment, for example, may have a limitedtemperature operating range to maintain calibration. Or, accelerometersmay be utilized to ensure an asset is not “shaken” beyond limitationsspecified in the applicable use terms and conditions. These kinds offeatures may be useful where a physical asset is released to a user forthe express purpose of transporting the asset to a new location, subjectto limited vibration and temperature swings.

In one embodiment, the taught system is used for data and digitalcontent distribution and discrimination. This method provides aconvenient and secure way to distribute data and/or other digitalcontent with such control exercised through the digital fingerprints ofone or more physical key objects. This allows the lender to deliverinformation to a dynamically changing set of users in such a way thatonly authorized users can gain access. Further, the permissions andusage agreements can vary on a per-object or per-user basis. Thisembodiment may include access to copyrighted material, streamingaudio/video, etc.

Referring again to FIG. 7, a rights server may communicate with digitalasset usage monitoring systems or components 234. The monitoring systemmay communicate with a customer or user system (not shown) that isaccessing or utilizing the protected digital asset. The rights servermay communicate with components arranged to enforce digital assetpermissions, block 236, for example by changing permissions todeauthorize or stop access to an asset after the permitted usage limitis reached. In an embodiment, an alarm process or workflow may betriggered when usage of an asset exceeds the applicable managementparameters. Interaction with and control of hybrid assets, or associateddata collection, may be realized using one or more of the componentsillustrated in FIG. 7.

In one embodiment, the disclosed control of a digital object through aphysical object permits object owners or producers to bundle offerings,such as digital offerings that complement or in some manner relate tothe use of the physical object. In one such embodiment, the objectoriginator ties proprietary tutorials and instructions to a piece ofequipment. A digital fingerprint is used to authenticate the physicalobject and access the rights management server that grants access to thetutorials and instructions.

The taught system may deny access to customers based upon rights orlicenses with other customers or polices dictated by the laws or by theoriginator. Although a customer may scan an object (or otherwise obtainand/or reference the object's digital fingerprint) in hopes of takingpossession of that object, the rights management server and anyconnected security or governing systems may deny the customer thatpossession based upon licenses or procedures in the rights managementserver. Here, the digital fingerprint is used to identify the individualphysical object and initiate the transaction and the tracking of rights.Digital fingerprints may also identify the user—these may be key objectdigital fingerprints or even the user's or proprietor's own biometricdigital fingerprint.

H. Asset-Backed Digital Security Tokens

Above tokenizing is described as an asset, say an original Renoir, andcreating say 100 tokens for 1/100 ownership interest per each. Thosetokens can be bought and sold, and further divided, pledged, etc.—allthe while (proportionately) backed by the original Renoir. If a group ofpeople are circulating those Renoir tokens, it might be considered a“digital currency.” There are known domain-specific digital currencies,for example, for games like Farmville coins. They are only accepted(negotiable) in the Farmland game domain. By contrast, in the aboveexample, the Renoir digital currency can be used for anything. It is nota fiat or national currency. The Renoir asset-backed digital (security)token is just that—a digital currency backed by that one specific asset.Further, the asset-backed tokens can be linked or associated to acurrency. Unlike domain “currencies” or fiat currencies, it is reliablylinked to real value in a physical object. Ownership and transfers oftokens may be implemented and tracked, for example, in a server systemas described above.

Value is assigned as in any sale/attempted sale: it may be set byauction, set directly by the seller (the “ask” price in stocks, forexample), set differently by the buyer(s)—the “bid” price in stocks, orby any other means. Of course, once a token sells, the price has beenestablished as mutually agreeable to buyer and seller.

The token value may be expressed in terms of a linked currency.Generally, this is similar to transactions involving a physical object.If the token is intended to be exchanged on its own or is intended tohelp establish a valuation for the object, then it may be denominated insome currency (e.g. dollars). If, however, it merely is a holding placefor ownership (for example, I own one tenth of that painting and willget 1/10 of the sales price when the thing is sold), it need not bevalued at this time. The ownership claim provided by the token and thevaluation of the token are therefore related but not the same thing.

The real value of the token(s) will vary with the value of the linkedphysical object itself. If valued in a currency, it may also have thatvariation. To illustrate: I can contractually sell or pledge to you a1/10th interest in my house. Although you could have an appraisalperformed, the value of that ownership doesn't change because you do so(you merely now have an estimate of its potential value where you didn'tbeforehand). On the other hand, I could have a hoard of 10,000 $100bills and sell you a 1/10000 interest in that hoard. That valuation isobviously going to be very close to $100.

A preferred system tracks all this as usual in the rights server.Tokenization is a way to make the asset frangible. That is one of itsprimary advantages—making an indivisible item divisible. It, of course,has all the security features, tracking abilities, etc. described above,but in principle whatever one wants to do with that piece of the assetthat was allowed when the token was produced (or added since then), onecan do. What exactly one does may take many different forms, includinglending one's share, selling one's share, hypothecating one's share, andso on.

The tokens in some practical applications may be likened to a currencybacked by the asset. As with any “currency” people can choose not totake it. But were such a tokenization system in widespread use, theymight take a fractional share in a house or a Matisse as payment on acredit card bill. Who will take the token for what depends onestablishing an objective value for the token—in this case a fraction ofthe ownership of a Matisse of a given assessed valuation stored in thissecure place, etc.

As another illustration, I (as the owner) induct a cruise ship or anisland worth $100 million into the secure digital fingerprint-basedserver system. (Although the present coronavirus may have devaluedcruise ships substantially.) I generate one million tokens valued at$100 each. Then, I register users, and I ledger one token to each userwho pays $100 (or multiples thereof).

The island has an assessed and agreed-upon value of $100 million. Onemillion tokens are generated (and the right to produce more is given up,either contractually or by other means). When someone purchases a token,the secure ledger is updated. It is probably updated with informationabout the purchaser, about the token, and—in some embodiments—with thedigital fingerprint of some other object that is the proof that thepurchaser is the legitimate owner of the token. Think of this latter assecurely creating a physical bitcoin or, for that matter, a fiatcurrency bill. The physical object is the coin, the token plus ledger isthe record keeping on who owns what, who has lent what, and so on, andthe island is the store of value backing the “currency”. Think of thephysical object held by the purchaser as the “body” of the valuation andthe token as its immaterial but irrevocably linked “soul”. The token andthe link to the digital fingerprint of the physical object are whatconnects the physical object with the object of value (the island).

When the tokens are created (or, under some circumstances later) whatpeople can do with them is contractually agreed to. If a personexchanges his token for some good or service, he must ensure the tokenis assigned to its new owner. This can be done by, for example, goingonline and transferring the account in the ledger from one person toanother (this used particularly if there is no physical object“instantiating” the token), providing all the usual evidence of abilityto make that change, such as user name and password. If there is aphysical object, then just handing that to the new owner is sufficient(if allowed by the original contract). Thus, the user is “authenticated”either by his possession of the physical object or by the more usualways to link a person to a digital file or service. In general, theuser/purchaser “gives” the vendor the digital token. How he does so canbe quite varied.

I. Digital Fingerprinting

“Digital fingerprinting” refers to the creation and use of digitalrecords (digital fingerprints) derived from properties of a physicalobject, which digital records are typically stored in a database.Digital fingerprints maybe used to reliably and unambiguously identifyor authenticate corresponding physical objects, track them throughsupply chains, record their provenance and changes over time, and formany other uses and applications including providing secure linksbetween physical and digital objects as described above.

In more detail, as used herein, digital fingerprints typically includeinformation, preferably in the form of numbers or “feature vectors,”that describes features that appear at particular locations, calledpoints of interest, of a two-dimensional (2-D) or three-dimensional(3-D) object. In the case of a 2-D object, the points of interest arepreferably on a surface of the object. 2D digital fingerprints may alsobe produced by looking through the object and fingerprinting the result.There, the features do come from “inside” but the digital fingerprint istwo-dimensional. In the 3-D case, the points of interest may be on thesurface or in the interior of the object. In some applications, anobject “feature template” may be used to define locations or regions ofinterest for a class of objects. Feature vectors may be extracted fromthe regions of interest. The digital fingerprints may be derived orgenerated from digital data of the object which may be, for example,image data.

In the context of this description a digital fingerprint is a digitalrepresentation of the physical object. It can be captured from featuresof the surface, the internals, the progression of the object in time,and any other repeatable way that creates a digital fingerprint that canbe uniquely and securely assigned to the particular digital object.Though not mentioned herein, secure protection of the physical object,its digital fingerprint, and of the associated digital objects areassumed.

In the context of this document, a digital fingerprint is a natural“digitization” of the object, obtainable unambiguously from the digitalobject. It is the key to the digital object, providing the link betweenthe physical object and the digital. These digital fingerprints, inorder to accomplish the kind of physical-digital linkage desired, musthave certain properties. Our approach has these properties, while manyother forms of digital fingerprinting do not. Among these propertiesare:

-   -   The digital fingerprint must be unambiguously derived from a        single individual object.    -   It must remain matchable (to a corresponding datastore record)        with high confidence even as the individual object ages, wears,        or is otherwise changed.

Returning to the 2-D and 3-D object examples mentioned above, featureextraction or feature detection may be used to characterize points ofinterest. In an embodiment, this may be done in various ways. Twoexamples include Scale-Invariant Feature Transform (or SIFT) and SpeededUp Robust features (or SURF). Both are described in the literature. Forexample: “Feature detection and matching are used in image registration,object tracking, object retrieval etc. There are number of approachesused to detect and matching of features as SIFT (Scale Invariant FeatureTransform), SURF (Speeded up Robust Feature), FAST, ORB etc. SIFT andSURF are most useful approaches to detect and matching of featuresbecause it is invariant to scale, rotate, translation, illumination, andblur.” MISTRY, Darshana et al., Comparison of Feature Detection andMatching Approaches: SIFT and SURF, GRD Journals—Global Research andDevelopment Journal for Engineering|Volume 2|Issue 4|March 2017.

In some embodiments, digital fingerprint features may be matched, forexample, based on finding a minimum threshold distance. Distances can befound using Euclidean distance, Manhattan distance etc. If distances oftwo points are less than a prescribed minimum threshold distance, thosekey points may be known as matching pairs. Matching a digitalfingerprint may comprise assessing a number of matching pairs, theirlocations or distance and other characteristics. Many points may beassessed to calculate a likelihood of a match, since, generally, aperfect match will not be found. In some applications a “featuretemplate” may be used to define locations or regions of interest for aclass of objects. Matching features may focus within the regions ofinterest.

In an embodiment, features may be used to represent information derivedfrom a digital image in a machine-readable and useful way. Features maybe point, line, edges, and blob of an image etc. There are areas asimage registration, object tracking, and object retrieval etc. thatemploy a system or processor to detect and match correct features.Therefore, it may be desirable to find features in ways that areinvariant to rotation, scale, translation, illumination, noisy and blurimages. The search of interest points from one object image tocorresponding images can be very challenging work. The search maypreferably be done such that same physical interest points can be foundin different views. Once located, points of interest and theirrespective characteristics may be aggregated to form the digitalfingerprint (generally including 2-D or 3-D location parameters).

Put another way, a digital fingerprint is a natural “digitization” ofthe object, obtainable unambiguously from the digital object. It is thekey to the digital object, providing the link between the physicalobject and the digital. These digital fingerprints, in order toaccomplish the kind of physical-digital linkage desired, must havecertain properties. Among these properties are: 1) the digitalfingerprint extractable unambiguously from a single individual object;2) the digital fingerprint remains matchable with high confidence as theindividual object ages, wears, or is otherwise changed.

EXAMPLES

Example 1. A method comprising:

inducting a physical object into a rights management system by:

acquiring a digital fingerprint of the physical object;

creating an associated digital file (“ADF”) of the physical object in asecure datastore;

storing the digital fingerprint of the physical object in the ADF, so asto securely and uniquely link the ADF to the physical object as adigital counterpart in an unspoofable manner;

initializing a digital ledger stored in or linked to the ADF, thedigital ledger storing at least one asset-backed token representing aninterest in or transaction affecting the physical object; and

updating the digital ledger to realize transactions that utilize thetoken to exchange real value backed by the physical object.

Example 2. The method of example, further comprising:

providing a means for the second party to access the ADF, wherein thesecond party access to the ADF is limited to dealing with the interesttransferred to the second party as reflected in the ledger;

notifying the second party of the means provided for it to access theADF; and

storing data in or linked to the ADF indicating the means for the secondparty to access the ADF.

Example 3. The method of example 2, further comprising:

storing a key object digital fingerprint in the ADF;

associating the stored key object digital fingerprint to the secondparty interest; and

wherein the means for the second party to access the ADF comprisesauthenticating the second party or her transferee by matching a tendereddigital fingerprint to the stored key object digital fingerprint withina selected threshold level of confidence.

Example 4. The method of example 1 wherein:

the interest represented by the token stored in the ledger is at leastone of a set of interests comprising (a) full or partial ownership ofthe physical object, (b) partial or full ownership of a securityinterest in the physical object, and (c) a limited right to use thephysical object.

Example 5. The method of example 4, further comprising:

receiving input data that identifies an event associated with thephysical object;

analyzing the ADF based on the occurrence of the event;

updating zero or more tokens in the ADF based on the analysis; and

transmitting a message to an entity identified in the ADF as a holder ofone or more of the updated tokens.

Example 6. The method of example 5, further comprising:

programmatically applying occurrence of the event to the terms of anapplicable agreement to obtain a result;

executing an action responsive to the result in accordance with theagreement; and

transmitting a message notifying a party to the agreement of the secondaction.

Example 7. The method of example 6 wherein:

the action executed responsive to the result in accordance with theagreement comprises effecting a change of rights in the physical objectby updating the ADF linked to the physical object; and

the message notifies an owner of the physical object of the change ofrights.

Example 8. The method of example 7 wherein updating the ADF includesprogrammatically generating new or revised tokens in the ADF to reflectthe change of rights; and distributing the new or revised tokenselectronically.

Example 9. The method of example 8 wherein the change of rights is oneof a release of a security interest in the physical object or a changeof a security interest to an ownership interest.

Example 10. The method of example 1 further comprising:

authenticating a user to grant access to a digital counterpart of aphysical object, wherein the digital counterpart comprises an associateddigital file (“ADF”) that is stored in a secure database, andauthenticating the user includes matching a target digital fingerprinttendered by the user to a digital fingerprint previously inducted in thedatabase and stored in or linked to the ADF;

receiving an input from the authenticated user; and

executing a predetermined action.

Example 11. The method of example 10 wherein the predetermined actioncomprises triggering an application to carry out contracted terms basedon pre-defined triggers.

Example 12. The method of example 10 wherein the predetermined actioncomprises querying the ADF to identify an entity and transmitting amessage to the identified entity, the message based on the update to theledger.

Example 13. The method of example 6 wherein the agreement is one of aset of agreements that affects an interest in the physical objectincluding:

a hypothecation agreement, a loan agreement, a sale agreement, anagreement to partition or divide the physical object, an agreement inlieu of foreclosure, a tax lien, a will, a securitization agreement, abrokerage or agency agreement.

Example 14. The method of example 6 wherein the agreement is one of aset of agreements that affects an interest in the physical objectincluding:

a fractional hypothecation, a fractional monetization, and a fractionalownership.

Example 15. The method of example 1 including storing supplemental datarelated to the physical object in the ADF, wherein the supplemental dataincludes at least one of:

high-quality digital photographs of the physical object, and

a ledger of current and past owners of the physical object.

Example 16. The method of example 1 including storing supplemental datarelated to the physical object in the ADF, wherein the supplemental dataincludes at least one of:

a certificate of origin of the physical object,

a certificate issued by the most recent professional authenticator, or

what is known about the physical object's provenance and its subsequenthistory, and

a digital media file associated with the physical object.

Example 17. The method of example 1 including storing supplemental datarelated to the physical object in the ADF, wherein the supplemental dataincludes at least one of:

tokens that represent fractional ownership;

a ledger of current and past owners of the object; or

a ledger of transfers and transactions involving interests representedby digital tokens access tokens.

Example 18. A rights server system comprising:

a digital processor to execute stored program code;

a secure datastore operatively coupled to the digital processor,

the datastore including an associated digital file (“ADF”) of a physicalobject, wherein the ADF includes a digital fingerprint extracted fromthe physical object, thereby linking the ADF to the physical object,

the program code arranged to cause the digital processor, upon executionof the program code, to carry out:

-   -   initialize a transaction ledger in ADF;    -   tokenize a physical object by creating a digital token and        securely linking the token to the physical object by storing the        token in the ADF linked to the physical object, wherein the        creation of the token is under supervision or control of a        trusted entity that has been authenticated to the rights server        system, and wherein the digital token represents and specifies        an interest in the physical object;

transfer the digital token to a party; and

update the ledger and the digital token in the ADF to reflect thetransfer of the token.

Example 19. The rights server system according to example 18 wherein thespecified interest is an ownership interest in the physical object sothat the transfer of the digital token transfers the ownership interestto the party in a secure unspoofable manner.

Example 20. The rights server system according to example 19 wherein theownership interest is a fractional ownership interest.

Example 21. The rights server system according to example 18 wherein thespecified interest is a right to use the physical object and the digitaltoken is an access token.

Example 22. The rights server system according to example 18 wherein thespecified interest is a security interest or lien in the physicalobject.

Scanning

In this application, the term “scan” in its various forms is used in thebroadest sense, referring to any and all means for capturing an image orset of images, which may be in digital form or transformed into digitalform. Images may, for example, be two dimensional, three dimensional, orin the form of a video. Thus a “scan” may refer to an image (or digitaldata that defines an image) captured by a scanner, a camera, a speciallyadapted sensor or sensor array (such as a CCD array), a microscope, asmartphone camera, a video camera, an x-ray machine, a sonar, anultrasound machine, a microphone (or other instruments for convertingsound waves into electrical energy variations), etc. Broadly, any devicethat can sense and capture either electromagnetic radiation ormechanical wave that has traveled through an object or reflected off anobject or any other means to capture surface or internal structure of anobject is a candidate to create a “scan” of an object.

Various means to extract “fingerprints” or features from an object maybe used; for example, through sound, physical structure, chemicalcomposition, or many others. The remainder of this application will useterms like “image” but when doing so, the broader uses of thistechnology should be implied. In other words, alternative means toextract “fingerprints” or features from an object should be consideredequivalents within the scope of this disclosure. Similarly, terms suchas “scanner” and “scanning equipment” herein may be used in a broadsense to refer to any equipment capable of carrying out “scans” asdefined above, or to equipment that carries out “scans” as defined aboveas part of their function. Attestable trusted scanners should be used toprovide images for digital fingerprint creation. Scanner may be a singledevice or a multitude of devices and scanners working to enforce policyand procedures.

Authentication

In this application, various forms of the words “authenticate” and“authentication” are used broadly to describe both authentication andattempts to authenticate which comprise creating a digital fingerprintof the object. Therefore, “authentication” is not limited tospecifically describing successful matching of inducted objects orgenerally describing the outcome of attempted authentications. As oneexample, a counterfeit object may be described as “authenticated” evenif the “authentication” fails to return a matching result. In anotherexample, in cases where unknown objects are “authenticated” withoutresulting in a match and the authentication attempt is entered into adatabase for subsequent reference the action described as“authentication” or “attempted authentication” may also, post facto,also be properly described as an “induction”. An authentication of anobject may refer to the induction or authentication of an entire objector of a portion of an object.

More information about digital fingerprinting can be found in variouspatents and publications assigned to Alitheon, Inc. including, forexample, the following: DIGITAL FINGERPRINTING, U.S. Pat. No.8,6109,762; OBJECT IDENTIFICATION AND INVENTORY MANAGEMENT, U.S. Pat.No. 9,152,862; DIGITAL FINGERPRINTING OBJECT AUTHENTICATION ANDANTI-COUNTERFEITING SYSTEM, U.S. Pat. No. 9,443,298; PERSONAL HISTORY INTRACK AND TRACE SYSTEM, U.S. Pat. No. 10,037,537; PRESERVINGAUTHENTICATION UNDER ITEM CHANGE, U.S. Pat. App. Pub. No. 2017-0243230A1. Each of these patents and publications is hereby incorporated bythis reference.

One of skill in the art will recognize that the concepts taught hereincan be tailored to a particular application in many other ways. Inparticular, those skilled in the art will recognize that the illustratedexamples are but one of many alternative implementations that willbecome apparent upon reading this disclosure. It will be obvious tothose having skill in the art that many changes may be made to thedetails of the above-described embodiments without departing from theunderlying principles of the disclosure.

I/We claim:
 1. A method comprising: inducting a physical object into a rights management system by: acquiring a digital fingerprint of the physical object; creating an associated digital file (“ADF”) of the physical object in a secure datastore; storing the digital fingerprint of the physical object in the ADF, so as to securely and uniquely link the ADF to the physical object as a digital counterpart in an unspoofable manner; initializing a digital ledger stored in or linked to the ADF, the digital ledger storing at least one asset-backed token representing an interest in or transaction affecting the physical object; and updating the digital ledger to realize transactions that utilize the token to exchange real value backed by the physical object.
 2. The method of claim 1, further comprising: providing a means for the second party to access the ADF, wherein the second party access to the ADF is limited to dealing with the interest transferred to the second party as reflected in the ledger; notifying the second party of the means provided for it to access the ADF; and storing data in or linked to the ADF indicating the means for the second party to access the ADF.
 3. The method of claim 2, further comprising: storing a key object digital fingerprint in the ADF; associating the stored key object digital fingerprint to the second party interest; and wherein the means for the second party to access the ADF comprises authenticating the second party or her transferee by matching a tendered digital fingerprint to the stored key object digital fingerprint within a selected threshold level of confidence.
 4. The method of claim 1 wherein: the interest represented by the token stored in the ledger is at least one of a set of interests comprising (a) full or partial ownership of the physical object, (b) partial or full ownership of a security interest in the physical object, and (c) a limited right to use the physical object.
 5. The method of claim 4, further comprising: receiving input data that identifies an event associated with the physical object; analyzing the ADF based on the occurrence of the event; updating zero or more tokens in the ADF based on the analysis; and transmitting a message to an entity identified in the ADF as a holder of one or more of the updated tokens.
 6. The method of claim 5, further comprising: programmatically applying occurrence of the event to the terms of an applicable agreement to obtain a result; executing an action responsive to the result in accordance with the agreement; and transmitting a message notifying a party to the agreement of the second action.
 7. The method of claim 6 wherein: the action executed responsive to the result in accordance with the agreement comprises effecting a change of rights in the physical object by updating the ADF linked to the physical object; and the message notifies an owner of the physical object of the change of rights.
 8. The method of claim 7 wherein updating the ADF includes programmatically generating new or revised tokens in the ADF to reflect the change of rights; and distributing the new or revised tokens electronically.
 9. The method of claim 8 wherein the change of rights is one of a release of a security interest in the physical object or a change of a security interest to an ownership interest.
 10. The method of claim 1 further comprising: authenticating a user to grant access to a digital counterpart of a physical object, wherein the digital counterpart comprises an associated digital file (“ADF”) that is stored in a secure database, and authenticating the user includes matching a target digital fingerprint tendered by the user to a digital fingerprint previously inducted in the database and stored in or linked to the ADF; receiving an input from the authenticated user; and executing a predetermined action.
 11. The method of claim 10 wherein the predetermined action comprises triggering an application to carry out contracted terms based on pre-defined triggers.
 12. The method of claim 10 wherein the predetermined action comprises querying the ADF to identify an entity and transmitting a message to the identified entity, the message based on the update to the ledger.
 13. The method of claim 6 wherein the agreement is one of a set of agreements that affects an interest in the physical object including: a hypothecation agreement, a loan agreement, a sale agreement, an agreement to partition or divide the physical object, an agreement in lieu of foreclosure, a tax lien, a will, a securitization agreement, a brokerage or agency agreement.
 14. The method of claim 6 wherein the agreement is one of a set of agreements that affects an interest in the physical object including: a fractional hypothecation, a fractional monetization, and a fractional ownership.
 15. The method of claim 1 including storing supplemental data related to the physical object in the ADF, wherein the supplemental data includes at least one of: high-quality digital photographs of the physical object, and a ledger of current and past owners of the physical object.
 16. The method of claim 1 including storing supplemental data related to the physical object in the ADF, wherein the supplemental data includes at least one of: a certificate of origin of the physical object, a certificate issued by the most recent professional authenticator, or what is known about the physical object's provenance and its subsequent history, and a digital media file associated with the physical object.
 17. The method of claim 1 including storing supplemental data related to the physical object in the ADF, wherein the supplemental data includes at least one of: tokens that represent fractional ownership; a ledger of current and past owners of the object; or a ledger of transfers and transactions involving interests represented by digital tokens access tokens.
 18. A rights server system comprising: a digital processor to execute stored program code; a secure datastore operatively coupled to the digital processor, the datastore including an associated digital file (“ADF”) of a physical object, wherein the ADF includes a digital fingerprint extracted from the physical object, thereby linking the ADF to the physical object, the program code arranged to cause the digital processor, upon execution of the program code, to carry out: initialize a transaction ledger in ADF; tokenize a physical object by creating a digital token and securely linking the token to the physical object by storing the token in the ADF linked to the physical object, wherein the creation of the token is under supervision or control of a trusted entity that has been authenticated to the rights server system, and wherein the digital token represents and specifies an interest in the physical object; transfer the digital token to a party; and update the ledger and the digital token in the ADF to reflect the transfer of the token.
 19. The rights server system according to claim 18 wherein the specified interest is an ownership interest in the physical object so that the transfer of the digital token transfers the ownership interest to the party in a secure unspoofable manner.
 20. The rights server system according to claim 19 wherein the ownership interest is a fractional ownership interest.
 21. The rights server system according to claim 18 wherein the specified interest is a right to use the physical object and the digital token is an access token.
 22. The rights server system according to claim 18 wherein the specified interest is a security interest or lien in the physical object. 